use-developer-controlled-wallets
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the @circle-fin/developer-controlled-wallets package from the npm registry, which is the official library provided by the skill author circlefin.
- [CREDENTIALS_UNSAFE]: The documentation identifies sensitive credentials such as CIRCLE_API_KEY and ENTITY_SECRET but enforces best practices by instructing users to use environment variables and providing explicit warnings against exposure.
- [COMMAND_EXECUTION]: The skill includes procedures for generating entity secrets and saving recovery files locally, which are documented and necessary steps for the security model of the Circle SDK.
Audit Metadata